This site is the archived OWASP Foundation Wiki and is no longer accepting Account Requests.
To view the new OWASP Foundation website, please visit

OWASP AppSec DC 2012/Cloudbased dWAF A Real World Deployment Case Study

Revision as of 00:30, 22 March 2012 by Mark.bristow (talk | contribs) (The Speakers)

Jump to: navigation, search


Registration Now OPEN! | Hotel | Schedule | Convention Center |

The Presentation

I explain the decision-making process of the customer during proof-of-concept, pilot and eventual deployment of a distributed Web App Firewall (dWAF). Post-deployment, I go through the care and feeding of a dWAF protecting resources living in the public cloud, from technical hiccups and tradeoffs to integration in the Dev/QA/Production processes of the security lifecycle of a web app firewall. The talk will be 45 minutes including questions and answers.

The Speakers

Alexander Meisel

A member of OWASP Germany, Alexander Meisel was CTO and co-founder of 'art of defence'. He currently is charge of the development for the web application firewall product at Riverbed.

His interest and expertise in the area of security dates back to his thesis in which he wrote about avoiding and tracing distributed denial-of-service attacks. He worked for a Swiss IT service provider as a Web security expert; later he joined LINX, Europe’s largest Internet exchange, where he took care of member network security issues. After working for three years as a senior consultant designing and implementing large Web farms, including security audits with a leading traffic management company, Alexander switched to the SPX Corporation, where he was the main project manager for Web application solutions in the SAP area. In 2005 he founded 'art of defence' in Germany and developed a truly distributed web application firewall product for high performance environments. The company has been acquired in 2011 by Zeus Technology which has shortly after been acquired by Riverbed Technology. Alex is one of the major contributors to OWASP’s whitepaper “Best Practices Guide: Web Application Firewalls,” which was released by the OWASP Germany Chapter has been translated into English, French, and Chinese. He is a regular speaker at OWASP conferences and meetings world wide mostly with a focus on web application security, scalability and performance.

Gold Sponsors

Aspect logo owasp.jpg AppSecDC2009-Sponsor-securicon.gif AppSecDC2009-Sponsor-mandiant.gif AppSecDC2012-ISC2.gif

Silver Sponsors


Small Business

AppSecDC2012-Sponsor-sideas.gif BayShoreNetworks.png


link= Codenomicon WhiteHat Logo.png AppSecDC2012-HP.jpg WSI - Logo.jpg